On Mon, 04 Dec 2023 17:26:44 +0000, James Houghton wrote:
> It is currently possible for a userspace application to enter a page
> fault loop when using HugeTLB pages implemented with contiguous PTEs
> when HAFDBS is not available. This happens because:
> 1. The kernel may sometimes write PTEs that are sw-dirty but hw-clean
> (PTE_DIRTY | PTE_RDONLY | PTE_WRITE).
> 2. If, during a write, the CPU uses a sw-dirty, hw-clean PTE in handling
> the memory access on a system without HAFDBS, we will get a page
> fault.
> 3. HugeTLB will check if it needs to update the dirty bits on the PTE.
> For contiguous PTEs, it will check to see if the pgprot bits need
> updating. In this case, HugeTLB wants to write a sequence of
> sw-dirty, hw-dirty PTEs, but it finds that all the PTEs it is about
> to overwrite are all pte_dirty() (pte_sw_dirty() => pte_dirty()),
> so it thinks no update is necessary.
>
> [...]
Applied to arm64 (for-next/fixes), thanks!
[2/2] arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify
https://git.kernel.org/arm64/c/3c0696076aad
I only picked up the second patch and added the description from the
cover letter into the commit log.
--
Catalin
